﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;

public partial class LoginPage : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        { 
        
        }
    }
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        checkSQLInJection();
        if (txtMobile.Text.Trim() != "" && txtPassword.Text.Trim() != "")
        {
            string sql = @"select Login.* from Login where Mobile='"+txtMobile.Text.Trim()+@"' and Password='"+txtPassword.Text.Trim()+@"'";

            DataSet ds = DatabaseManager.ExecSQL(sql);

            if (ds.Tables[0].Rows.Count != 0)
            {
                Session["OnlineSMS_LoginID"] = "710101" + ds.Tables[0].Rows[0]["LoginID"].ToString() + "034438";
                Response.Redirect("DashBoard.aspx");
            }
        }
    }

    private void checkSQLInJection()
    {
        txtPassword.Text = CommonManager.isInjection(txtPassword.Text);
        txtMobile.Text = CommonManager.isInjection(txtMobile.Text);
    }
}